How we collect, use and protect your information.
This Privacy Policy explains how Cash Pocket (“we”, “us”, “our”) collects, uses, shares, and safeguards information when you use the Cash Pocket web application and our Android and iOS mobile apps, distributed via Google Play and the Apple App Store, together with related services (the “Service”). By creating an account or using the Service, you agree to the practices described here.
This policy is intended to comply with the requirements of the Google Play Developer Program (including the User Data and Data safety policies) and the Apple App Store Review Guidelines, in addition to applicable data-protection laws.
When you create an account, we collect your name, email address, and a securely hashed password. If you add a business, we store its name, type, and the members you invite (their name and email).
To provide the Service, we store the data you enter: cash-in and cash-out entries, amounts, categories, payment modes, notes, books, parties (customers and suppliers), trips, and shared expenses. This information is treated as your “financial info” and is used only to operate the Service for you.
With your explicit permission, the mobile app can read contacts so you can quickly add a party from your phonebook. Contacts are accessed on-device for that purpose only; a contact’s details are saved to our servers solely if and when you choose to create a party from it. You can deny or revoke this permission at any time in your device settings without losing core functionality.
We collect limited technical information needed to operate and secure the Service, such as device model, operating system version, app version, language, and a device/session identifier used for authentication.
We may collect app diagnostics such as crash logs, error reports, and basic usage events to keep the Service stable and improve it. We do not use this data for advertising.
We do not knowingly collect precise location, biometric data, or special-category personal data, and we do not use your data for third-party advertising or build advertising profiles.
The mobile apps request only the permissions required for features you use:
INTERNET, ACCESS_NETWORK_STATE) — to sync your data with our servers.READ_CONTACTS; iOS Contacts) — optional, to add a party from your phonebook. Used as described above; declining it does not block core use.You can review and revoke permissions at any time from your Android or iOS system settings.
We do not sell your personal information and we do not share it with data brokers or for third-party advertising. We share data only:
We rely on third-party providers to deliver the Service — for example, cloud hosting and database providers, and, for the mobile apps, the Google Play and Apple App Store platforms and their crash/diagnostics tooling. These providers process data only as needed to perform their services and under their own privacy commitments. Data transmitted to or from app stores is also subject to Google’s and Apple’s privacy policies.
We use industry-standard measures to protect your data, including encrypted transport (HTTPS/TLS), hashed passwords, scoped access controls, and authentication tokens stored securely on your device. No method of transmission or storage is completely secure, but we work to protect your information using reasonable safeguards and review our practices regularly.
We retain your information for as long as your account is active or as needed to provide the Service. If you delete your account, we delete or irreversibly anonymise your personal and ledger data, except where we must retain limited information to meet legal, tax, accounting, or security obligations. Residual copies in encrypted backups are purged on a rolling basis, ordinarily within 90 days.
You can delete your account and associated data at any time:
When you delete your account, we permanently remove your profile, businesses you solely own, books, entries, parties, trips, and related personal data, subject to the limited legal retention described in Section 8. We will action verified deletion requests within 30 days. Note that records shared with a business you do not solely own (for example, entries you added to another owner’s book) may be retained by that business owner as the controller of that data.
You may access, update, or export your data from within the app at any time. Depending on your location, you may also have the right to request correction, deletion, restriction of processing, or portability of your personal information, and to object to certain processing. To exercise these rights, contact us using the details below. Where applicable law grants additional rights, we will honour them.
Your information may be processed and stored on servers located in countries other than your own. Where we transfer data internationally, we take steps to ensure it is protected consistent with this policy and applicable law.
The Service is intended for businesses and individuals aged 18 and above and is not directed to children. We do not knowingly collect personal information from children. If you believe a child has provided us personal data, contact us and we will delete it.
We may update this Privacy Policy from time to time. Material changes will be reflected by updating the “Last updated” date above and, where appropriate, by notifying you in the app or by email.
If you have questions about this Privacy Policy, your data, or a deletion request, contact our privacy team at support@cashpocket.in or via our contact page.
Data controller: Cash Pocket, [insert registered business/legal entity name], [insert registered postal address].